A concerning online threat is targeting Gmail users, as hackers are employing a new tactic to gain unauthorized access to email and other accounts. The cyber scam, identified by Malwarebytes, involves a fraudulent message purporting to be from Google Support, claiming a need for a password reset due to a suspected account breach. In some instances, the email is followed by a phone call to further deceive individuals.
The hackers’ objective is to extract the security code sent by Google during a password reset process. By tricking users into divulging this code, the hackers can infiltrate accounts and pilfer personal information. Malwarebytes highlighted that victims are lured into resetting their passwords by a fake support request, ultimately leading to the compromise of their accounts.
Although the extent of the issue is not fully known, reports have emerged of Google users falling victim to this scam in recent weeks. One Reddit user recounted a harrowing experience where a scammer attempted to seize control of their account while engaging in a phone conversation, even instructing the victim to verify the call’s legitimacy by redialing the displayed number, which turned out to be a dead end.
Google has issued a warning, advising users not to disclose any information if contacted regarding account resets, as it is likely a fraudulent scheme. The tech giant emphasized that any requests for password assistance or account recovery that involve payment or unsolicited phone calls are not affiliated with Google. Users are urged to exercise caution and refrain from sharing sensitive data with unauthorized entities posing as Google representatives.